Generated passwords - any control parameters?

Private_Member_119218
Active Participant
0 Kudos

Greetings.

Is there any way to control attributes of generated passwords? E.g. I want the generated passwords to have letters AND numbers but NOT special symbols.

I recognize the benefit of generated passwords, but special symbols are hard on the end-users. Please advise!

1 ACCEPTED SOLUTION

Former Member
0 Kudos

Hi Martin,

SAP notes 832661 and 915488 will be helpful for you.

Cheers,

Julius

5 REPLIES 5

0 Kudos

Thanks, Julius!

Note 662466 (https://service.sap.com/sap/support/notes/662466) was what I needed.

0 Kudos

Hi Martinsh,

I understand that you have found your answer (obviously you use the search), but wanted to add a comment:

The information note you mentioned is "older" than the correction notes which I mentioned. Now I don't know which release you are on, nor whether you were referring to standard password generation in SU01 or a development of your own to generate passwords for users, but SAP did not change the old way after that note, they added a new way.

The note you found your answer in is to my knowledge the "old way" of generating passwords. The "new way" is in my notes, there are more features now to generate backward compatible passwords (from higher to lower releases) and also check the generated password for compliance with the password structure policy which the user will later (potentially) have to comply with.

They might become suspicious that "your" initial password is not compliant with what they later have to change their password to.

This is in my opinion more insecure than not requesting special characters in the password policy, depending on which release you are on.

My understanding is that the "new way" has a tighter knit between the policy and the generator, but tolerance for compatibility when used and compliance when used. Take a look at this thread () which might be interesting for you to take a closer look at, depending on your release.

Cheers,

Julius

0 Kudos

Julius,

I was referring to standard passwords generated in SU01 or SU10. We're on release 6.20 of R/3 but are planning to upgrade to 7.00 soon, so both SAPnotes are relevant for me, just in a different time-frame.

If I'm reading the notes correctly (not too much experience with them), 662466 is for 6.10 or 6.20 and implements customizing parameters that let me control generated passwords, and 915488 I have to keep in mind when we upgrade our system.

Eliminating specials from generated passwords (e.g. setting GEN_PSW_MAX_SPECIALS to '0') would appear to be in line with the system parameter login/min_password_specials which is set to '0' and thus there shouldn't be a conflict between the generated initial password and what the user is expected to change it to - in fact, it should make it more obvious.

Sorry, I sometimes ramble.
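
The consistency argument in the post above, as an added example that is not part of the original thread and not SAP code: it flags generator maxima that can never meet the logon policy minima and estimates what dropping specials costs in search space. Only GEN_PSW_MAX_SPECIALS and login/min_password_specials appear in the thread; the other parameter names, the character-class sizes and the sample values are assumptions made for this sketch.

```python
import math

# Character-class sizes are constructed assumptions; the real sets depend on the release.
CLASS_SIZE = {"LETTERS": 26, "DIGITS": 10, "SPECIALS": 32}


def find_conflicts(gen, policy):
    """List generator settings that can never satisfy the logon policy minima."""
    problems = []
    for cls in CLASS_SIZE:
        gen_key = f"GEN_PSW_MAX_{cls}"                 # generator customizing key
        pol_key = f"login/min_password_{cls.lower()}"  # profile parameter
        if gen[gen_key] < policy[pol_key]:
            problems.append(f"{gen_key}={gen[gen_key]} < {pol_key}={policy[pol_key]}")
    if gen["GEN_PSW_MAX_LENGTH"] < policy["login/min_password_lng"]:
        problems.append("GEN_PSW_MAX_LENGTH is shorter than login/min_password_lng")
    return problems


def max_entropy_bits(gen):
    """Upper bound: every position drawn uniformly from all enabled classes."""
    pool = sum(size for cls, size in CLASS_SIZE.items()
               if gen[f"GEN_PSW_MAX_{cls}"] > 0)
    return gen["GEN_PSW_MAX_LENGTH"] * math.log2(pool) if pool else 0.0


# Constructed sample values, not taken from a real system.
POLICY = {"login/min_password_lng": 6, "login/min_password_letters": 1,
          "login/min_password_digits": 1, "login/min_password_specials": 0}
GEN_NO_SPECIALS = {"GEN_PSW_MAX_LENGTH": 8, "GEN_PSW_MAX_LETTERS": 6,
                   "GEN_PSW_MAX_DIGITS": 4, "GEN_PSW_MAX_SPECIALS": 0}
GEN_WITH_SPECIALS = dict(GEN_NO_SPECIALS, GEN_PSW_MAX_SPECIALS=2)

if __name__ == "__main__":
    print("conflicts:", find_conflicts(GEN_NO_SPECIALS, POLICY) or "none")
    stricter = dict(POLICY, **{"login/min_password_specials": 1})
    print("conflicts under stricter policy:", find_conflicts(GEN_NO_SPECIALS, stricter))
    for name, gen in (("no specials", GEN_NO_SPECIALS), ("with specials", GEN_WITH_SPECIALS)):
        print(f"{name}: at most {max_entropy_bits(gen):.1f} bits")
```

The entropy figure is an upper bound only; it ignores the per-class maxima, which shrink the real search space further.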

0 Kudos

> Sorry, I sometimes ramble.

It's nice to have some company

Thanks for your contribution!